× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 09e74f36028f875b26d2faecbeebfcb0ffcd148a9c9abf3f8ff0049eab3b24b0
File name: Trial-Reset.exe
Detection ratio: 34 / 42
Analysis date: 2009-06-29 06:26:19 UTC ( 8 years, 12 months ago ) View latest
Antivirus Result Update
a-squared Riskware.Hacktool.TrialReset!IK 20090629
AhnLab-V3 Win-Trojan/Xema.variant 20090629
AntiVir TR/Agent.167488 20090628
Antiy-AVL Trojan/Win32.VB.gen 20090626
Authentium W32/Backdoor.BVMA 20090628
AVG Generic10.WMK 20090628
BitDefender Trojan.Generic.1621673 20090629
CAT-QuickHeal Trojan.Agent.ATV 20090626
Comodo Unclassified Malware 20090629
eSafe Win32.Infostealer.ga 20090628
F-Prot W32/Backdoor.BVMA 20090628
F-Secure Trojan.Win32.VB.rdt 20090629
GData Trojan.Generic.1621673 20090629
Ikarus not-a-Virus.Hacktool.TrialReset 20090629
Jiangmin Trojan/Agent.aona 20090628
K7AntiVirus Trojan.Win32.Malware.1 20090619
Kaspersky Trojan.Win32.VB.rdt 20090629
McAfee Generic.dx 20090628
McAfee+Artemis Generic.dx 20090628
McAfee-GW-Edition Trojan.Agent.167488 20090628
NOD32 probably a variant of Win32/Agent 20090628
NOD32Beta probably a variant of Win32/Agent 20090628
Norman W32/Packed_Upack.A 20090626
nProtect Trojan/W32.Agent.167488 20090629
Panda Generic Trojan 20090628
PCTools Packed/Upack 20090628
Prevx Medium Risk Malware 20090629
Sophos AV Mal/Generic-A 20090629
Sunbelt Bulk Trojan 20090628
Symantec Trojan Horse 20090629
TheHacker W32/Behav-Heuristic-060 20090627
TrendMicro TROJ_Generic.A 20090628
VBA32 Trojan.Win32.VB.rdt 20090629
VirusBuster Packed/Upack 20090628
Avast 20090628
ClamAV 20090629
DrWeb 20090629
eTrust-Vet 20090626
Fortinet 20090629
Microsoft 20090628
Rising 20090629
ViRobot 20090629
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
Command UPack
PEiD Upack v0.399 -> Dwing
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-01-23 23:39:42
Entry Point 0x00001018
Number of sections 3
PE sections
Number of PE resources by type
RT_ICON 1
NTAPI 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2004:01:23 23:39:42+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
1766614113

LinkerVersion
76.111

EntryPoint
0x1018

InitializedDataSize
1918988898

SubsystemVersion
4.0

ImageVersion
0.58

OSVersion
4.0

UninitializedDataSize
16761

Compressed bundles
File identification
MD5 2a55450d79b275fbad0fb8fdfc1fe310
SHA1 bfd4ec9a7355443d68bf0d0a958c12068273e875
SHA256 09e74f36028f875b26d2faecbeebfcb0ffcd148a9c9abf3f8ff0049eab3b24b0
ssdeep
3072:V3ON1rA2dstvtDMZMQ2Jkbd/QXwibft2QLuIy37MKrPpSgFK3+o:V3qrA2M1MX2Jk6t21IW7MMjM35

authentihash 725667fb19a97716a6f4f3958841911afa78d691d02ca2362b20340da48a0f3b
File size 163.6 KB ( 167488 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID DOS Executable Generic (100.0%)
Tags
corrupt peexe upack

VirusTotal metadata
First submission 2007-09-26 17:05:11 UTC ( 10 years, 9 months ago )
Last submission 2017-10-08 15:39:53 UTC ( 8 months, 2 weeks ago )
File names smona131658940183315742637
smona131067815906830452954
smona131306203490688939443
smona132104693734213140373
smona132095130353093208383
smona130610829143640632807
smona_09e74f36028f875b26d2faecbeebfcb0ffcd148a9c9abf3f8ff0049eab3b24b0.bin
smona131325566909377467153
Trial-Reset.exe
09E74F36028F875B26D2FAECBEEBFCB0FFCD148A9C9ABF3F8FF0049EAB3B24B0
file-3129537_exe
2a55450d79b275fbad0fb8fdfc1fe310.exe
smona131824362513958653141
TRIAL-RESET.EXE
smona130745579543468952786
smona132535480046041935096
smona132590718685730508458
smona132523229193800613904
smona131843499101438907412
smona130553472686468798693
smona131842729035812424632
smona131135031557853470372
smona131496406352353910142
smona131324148903150155757
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!